Posted
by
Unknown Lamer
on Tuesday June 10, 2014 @01:52AM
from the waiting-for-obvious-patents dept.

schwit1 (797399) writes 'It wasn't touted onstage, but a new iOS 8 feature is set to cause havoc for location trackers, and score a major win for privacy.As spotted by Frederic Jacobs, the changes have to do with the MAC address used to identify devices within networks. When iOS 8 devices look for a connection, they randomize the MAC address, effectively disguising any trace of the real device until it decides to connect to a network.'

Yes they do, they even say so in their privacy policy: “[Apple will] make certain personal information available to strategic partners that work with Apple to provide products and services, or that help Apple market to customers.”

In fact, if you read their privacy policy, you'd realize Apple gathers up about as much personal information on users as any other big tech company. The main difference is they say they don't connect the dots.In fact, they've been and are being sued for sharing too much user data...

Personal user data big part of any technology company's business model these days. Even Apple.

That's GPS based location tracking carried out by your phone. TFA is referring to nasties like this - http://www.telegraph.co.uk/tec... [telegraph.co.uk] - where wifi enabled devices are tracked by wifi hotspots using their mac address.

It goes back to the other comments, while others cannot track you. That doesn't mean Apple isn't doing the collecting themselves and selling it off, or being requested by the FBI, NSA to give up what they have.

This makes for a pointless argument. Essentially you are saying that turning tracking off completely somehow gets respected, but turning it off selectively somehow doesn't. That makes absolutely no sense. If they want to sell you out, it doesn't matter how you disable tracking.

This is nothing more then PR twisting, by a company that is suspected of willfully working with spying/law enforcement agencies.

To me to have the press sit there an report this without highlighting the companies past and current data collecting activities is misleading the public into thinking they are somehow safe, or just to give people a false sense of security as a way to sell more phones then your competitor.

First, *every* US company is suspected to work together with the NSA. So Apple isn't worse off in that regard.

Second, this feature is not about avoiding the NSA. The spooks can just utilize the cell network to track you. This feature is about *everyone else* trying to track you. Because, you know, not everyone is able to spoof a cell tower. But everyone *is* able to put up a WiFi hotspot.

Third, *of course* this is about selling more devices. And what's wrong with trying to make money by offering something actually useful?

When I first saw this I thought "finally Apple has given folks a good reason to shell out the extra cash. Now if they were only waterproof and shock resistant like my cheap Kyocera..."

I keep location services shut off as well, but on my phone turning it on or off is just a swipe and a touch. And it's extremely annoying that apps with no real use except stalking me keep nagging me to turn it on. It's why I refuse to upgrade my TuneIn app, the upgrade wants my address book! WTF? Stupid developers writing stup

They don't connect the dots for everybody for free. Become a strategic partner (that is: find a way to bring them more money) and they'll be happy do connect the dots for you. So don't be naive: Apple cares about its customers only when it can turn that care into profit.

Apple doesn't care as much about profit after the fact because they got 45% off of you as soon as you bought their phone.

Even if you turn off every function on your phone--including the phone--and kept it in airplane mode the whole time like some sort of absurdly expensive iPod, Apple already made a profit.

Apple cares about your privacy insofar as it allows them to put a bullet-point on the box that they can use to distinguish themselves from Google's model. Google needs information to make a profit. They make virtually no money off of Android itself; that's why buying a Nexus is so cheap.

Essentially, Apple can afford to be stingy with information, and can afford for YOU to be stingy with YOUR information. Google can't.

I'm sure Apple will turn your information into profit if it can, don't get me wrong. But it's not their primary business model. As long as the phone costs a lot of money, you can count on them being less interested in what you have to offer after the sale.

I'm sure Apple will turn your information into profit if it can, don't get me wrong. But it's not their primary business model. As long as the phone costs a lot of money, you can count on them being less interested in what you have to offer after the sale.

Your privacy is important to Apple. So we’ve developed a Privacy Policy
that covers how we collect, use, disclose, transfer, and store your information.
Please take a moment to familiarize yourself with our privacy practices and
let us know if you have any questions.

...

Disclosure to Third Parties

At times Apple may make certain personal information available to strategic partners that work with Apple to provide products and services, or that help Apple market to customers. For example, when you purchase and activate your iPhone, you authorize Apple and your carrier to exchange the information you provide during the activation process to carry out service. If you are approved for service, your account will be governed by Apple and your carrier’s respective privacy policies. Personal information will only be shared by Apple to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes.

Service Providers

Apple shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information and may be located wherever Apple operates.

Others

It may be necessary by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence for Apple to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.

I doubt Google does either. Or Facebook. Or LinkedIn. Or Microsoft/Bing. Or any other service which specialises in gathering all your precious information in order to monetize it. They want it all to themselves because it's to their commercial advantage to do so.

They like to share with people who shove enough money into their hands. It's the same as with the rest of their OS, which is a hodgepodge of features designed to funnel business to specific partners. Apple "cares about your privacy" in the same sense that a pimp cares about the virginity of his ladies: their customers should be able to enjoy the illusion of it.

Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.

No, this is about 3rd parties tracking you - it means your iPhone does not provide its MAC address to the network(s) it has found. This never had anything to do with Apple tracking you nor does not stop Apple from keeping tabs on what networks you have identified while looking for a connection.

True. But I think the point is that Google's business plan depends on 3rd parties. It's not exactly a good comparison, but this is one more example of Apple's positive protection of customer's privacy againsts Google's equal number of negative examples.

More specifically this is about 3rd parties tracking you, without paying Apple.All this does is close up the tracking options that compete with Apple's tracking options.As for Google, I suspect we'll see this happening on Android phones soon enough as MAC tracking competes with Google as well.

iBeacons is just one small part of what they do. Apple's devices (like everybody else's) constantly determine your location, and unless you're very careful about disabling it, transmit it. Whether this bothers you or whether it should bother you is another question, but it is happening.

They actually don't. CoreLocation does not operate unless an app has requested it. If it does operate, it doesn't send anything to apple unless you specifically opted in. If you did specifically opt in, it sends anonymised, randomised data, rather than actually tracking you.

really? I know they were roundly accused of this with no evidence ever provided other than a bug which caused excessive *local* retention of location data. Interestingly, it came out at about the same time that *google* was in fact shipping the location data back to the mothership (something Apple doesn't do) with no retention limits evident.

As a company, Google *depends* on eliminating privacy -- it is the source of their revenue. Apple depends on hardware sales. So while they make some money by selling aggregated data (and try to foist obnoxious things like itunes radio on their users) that is not actually their core business nor a significant part of their revenue stream. When Apple advertised an earlier incarnation of icloud as being better privacy they didn't call out Google specifically -- they didn't need to. The people who cared already knew who they are talking about.

But somehow Apple is the anti-privacy company and google is okay. I never understand the fanboys.

If you want to bust on Apple, great, I'm all for it. Just bust them on things they are actually guilty of and don't try to misrepresent them. They've definitely done some bad things, but strangely they don't seem to get beat up for things they've really done (or the issue is misrepresented).

What I'm saying is that while it may be fun to trot out things like the "640K should be enough for everyone" to bust on Bill Gates that is an urban myth and he never said it. Instead, bust on him for things that he *did* do (like hire someone else to pirate CPM). Same for Apple and Jobs (I just have a somewhat better memory for the Microsoft end of things, hence using MS-centric example).

iOS devices determine your location if you agreed to at least one app using that information. The device also doesn't transmit this information. An app might if you opted in to location tracking. For something like "find my friends" that's kind of the point, you know.

(Of course, *every* active cell phone can be tracked by the cell phone network. But I don't think that's what you were referring to.)

No, it still provides your MAC to the network. Doing otherwise would break things - static DHCP reservations for one. It means the iPhone won't provide its MAC address *until* it finds a recognised network to connect to - it won't be broadcasting it constantly while you are out traveling or shopping.

RTFA, It only randomizes on scan and goes back to the original MAC address when it connects.. You are correct that it is easy to change the MAC address, but that doesn't change the fact that randomizing the mac address on connect would break things like DHCP reservations or MAC based white lists.

But trying to sidestep the fundamentals of the network design isn't a wise choice. Using a random MAC when scanning doesn't matter except for someone tracking devices by their MAC identifier. Using a random one when _connecting_ to a network could lead to problems...

that isn't very hard. I have no special information and haven't read TFA, but presumably they select an Apple prefix and use an algorithm to generate the rest. It'll actually be pseudo-random, but that isn't a particularly relevant distinction as very few systems have true random number generation and approximate it by collecting entropy from various sources to see the algorithm.

Given the large space represented by just Apple prefixes, the odds of a collision are incredibly small. If they used other prefixe

Generally, I've found this to be true. Their business model does not depend on a lack of customer privacy like Google.

I would be more optimistic if it weren't for the fact that Apple went and deliberately developed "iBeacon [wikipedia.org]", more or less deliberately designed for every sort of horrid 'location based service' and 'relevant offer' crap in the book.

Architecturally, hunting for wifi networks with a spoofed MAC is a good idea; but it sure does look like Apple is cutting an attempt to track their phones the non-blessed way off at the knees, even as they actively provide a blessed way of doing it.

In the same way, they cracked down on apps that used phone serial numbers, IMEIs and similar; but then built an "advertising identifier" right into their OS.

They want to be sure that you find the experience of being sold tasteful and unobtrusive; but they aren't actually your friends, nor do they consider your hardware purchase to be sufficient to exempt you from being the product.

You make a good point. However, iirc, a user can completely diasable their iPhone's from repsonding to iBeacons. So even under the "blessed" way, a customer's privacy is still within their personal control.

well, to do so means turning off Bluetooth, which sucks because I hate using corded headphones.

And iBeacon hardware can trivially also work the same way as wifi tracking, by just tracking the bluetooth id your phone is emitting all the time instead. it's unique to your phone and can be used to pin down the phones location quite precisely.

while iBeacon itself is quite benign if you just don't download/authorize the stores app to get the iBeacon messages, I'm sure larger stores will spring the extra couple o

AFAIK, you can't see the source for Google apps like Play Store, Maps etc, tough. Maybe not even for the launcher. I don't know what's part of AOSP and what's a Google add-on, these days. My point being that, for reaping the benefits of being able to see the source code, you must be able to see it all. Unless you have root access and can manage permissions on a per-app basis directly via the base, open OS. That's not Android's case, though - at least not by default.

And you've seen the source code for the Android device in your hand? Right. Didn't think so. Hell, even if you compiled it yourself I seriously doubt you looked. Furthermore 99.9999% of people wouldn't have the foggiest idea where to find the relevant bits of code even if they did have the source code. Which they don't. And even if they did they certainly don't have time to review all the code themselves. I'm as big a supporter of open source as anyone here but I'm under no illusion that it protects me from a company like Google.

Google isn't trying to hide anything from anyone, unlike Apple.

If you believe that I have some property I'd like to sell you. Just because they have a cute motto about not being evil doesn't mean much. Google is no better than Apple when it comes to collecting and selling information about you. They are an advertising company and that is how they make their money. They may not sell all your specific information to specific buyers but they definitely are using that information to make money. And if you think they aren't hiding anything just try waltzing into their headquarters and snooping around sometime. Tell me how that goes for you.

Big difference iBeacon needs to be enabled per app, the user has control! Here the user was scanned without their consent, this new privacy feature is awesome.

It's better than that. For every set of iBeacons, you have to specifically download, install and run an app that reacts to that iBeacon, or nothing will happen at all. The beacons themselves have no hardware to receive any data from the device. On stackoverflow.com you will find people asking all the time how to receive data from _any_ beacon, and are surprised when they are told there is no API for that.

Then the application could require the user to create a unique screen name and password in case the user has the "Show Me Irrelevant Ads" options turned on. Or what in the App Store Review Guidelines document prohibits that?

Per the Wikipedia page on iBeacon [wikipedia.org] you linked:
"The only role of the iBeacon is to advertise to the phones of its own existence at the physical location. iBeacon do not actively push out notifications (other than the iBeacon advertisement frames) nor does iBeacon actively track nearby users."

Oh it must be true, as a pithy one-liner describes it so. Or not. Yes, Google gets the majority of its money from advertising. You fail to notice that Google users are the ones who buy the advertising, and are the ones who click on adverts. This also ignores the many non-ad-based services Google offers, but I guess that's not as cool as your one-liner, even if it is far more accurate, so you will keep spouting that nonsense.

When I buy a Google/ASUS co-branded Nexus 7 tablet from Google Play Store, how am I not the customer? Or am I strictly only ASUS's customer and Google's product? When my boss buys a Google Apps subscription for his company, how is he not the customer?

When I buy a Google/ASUS co-branded Nexus 7 tablet from Google Play Store, how am I not the customer?

Google mades a bit over $14 billion revenue. Just under $13 billion of that is from advertisement.

Apple makes the vast majority of its $54 billion revenue on hardware, a small part ($4 billion) on software and iTunes sales and its advertisement revenue is so small it vanishes somewhere under "services" and I couldn't quickly find a number for it.

Ask yourself which company is more likely to sell out your data to advertisers. The one that makes 90% of its money from them and 10% from you, or the one that makes 98% of its profits from you and 2% from them.

Because it's IMPOSSIBLE for a company to have customers other than its primary revenue stream. Even if you sell products to your other products and provide support to your products and ask your products for feedback to make your products better for your other products. Or something like that.

At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.

Most laws, except negligence statuettes, have an intent clause. In Schwartz's case it would have been easy to show that his intent was to circumvent being kicked off the network. Randomizing during search can easily be shown as an intent to remain anonymous.

In your example, the prosecutors were able to argue that deliberately using a utility to intentionally change your MAC address was akin to taking steps to file off the serial numbers of a car. This is because Aaron intended to change his MAC address and deliberately took steps to effect the change.

If future iPhones automatically change their MAC address, on their own, without any intervention by their user, where is the crucial element of acting with intent or deliberation?

You are close but the intent issue is not in the act but in what the act was intended to do. It was not the fact that he used a utility to intentionally change his address but that he changed his Mac address with the intent of getting around his being kicked off the network. For example I could draw a dollar bill and use it to buy something as long as I am clear that it is a drawing and not a real bill. I do not "intend" to pass the bill as real money. This is why Boggs [wikipedia.org] has never been convicted of counterfe

It's not about intent at all - a MAC address is simply meaningless! A car's serial number is something that is officially alotted, and has all sorts of codified repercussions. A MAC address is simply a number. Prosecutors arguing that changing your MAC address is akin to filing off a car's serial number, are like those that argued that etoy.com had a.com address and therefore was meant to be using in the US only: a complete fabrication intended to pull the wool over the judge's eyes!

but changing MAC is like filing serial# off a car! At least according to the prosecutors...

Not any more. The Bluetooth Sig just spent four years in heavy sessions to plug the privacy leak from the MAC address tagging every packet with a device "serial number". This was rolled out in Bluetooth 4.0, especially in the Bluetooth Low energy addition.

If the option is turned on, the "MAC address" that labels the packets is pseudo-randomly chosen and constantly mutating. If the other device trying to communic

At least according to the prosecutors who went after Aaron Swartz. His laptop got locked out of a network so he changed the MAC address with the built-in MacOS GUI utility and they said that was like filing the serial number off a car. Now all iphones are going to change it randomly during network scan? OMG, that's like a car that files off its own serial number every time you go around the block! Alert the authorities!!!!! Sigh.

Sad that you don't understand enough about how WiFi works. There are two phases: In the first phase your device detects routers around it. In that phase, it must give out an MAC address so that the router can respond, but the MAC address is completely irrelevant. And no WiFi router will block out anyone during that discovery phase. The second phase is the connect phase, and in the connect phase, the device does indeed give its own MAC address.

Not true. MAC filtering is easily subverted if there is a device nearby already connected, and if the attacker is willing to spend some minutes looking over dumps. It's pathetic security, but it's still better than none at all, as the extra time taken can hold of opportunistic hackers. There's still no good reason to use it, though.

Not, crappy security is not better that no security. When users know there's no security, they may be slightly cautious. If they belive there's security in place, they might let their guard down, so this false sensation of security is actually a bad thing.

Apparently Nordstroms is logging all phones that enter into their stores. Then they can know how many times you've entered, how long you stayed, when you left. I wasn't aware they were starting to do that.

Lets suppose a malfunctioning device is crashing my enterprise wifi system. Tell me again, how in earth will I block it, and much less detect it? This is so wrong in many levels from the technical point of view...

Yes, technologically, it would be much better if we didn't have to do things like this. Spam filters and RBLs and greylisting make debugging e-mail delivery problems hell as well. But you can't have working e-mail without them, because if you try, you get flooded by spam.

Same thing. Yes I agree technologically it would be better to not have to do this. Unfortunately, we have to.

If your network can be crashed by a device not connected to it, but broadcasting packets with its MAC address spoofed for the purposes of compliance with 802.11 specifications then you have a real problem.

Once the device authenticates with and connects to your network, it broadcasts it's real MAC address.

The only thing I can see this messing up other than user tracking is using net stumbler to see who/what is in your area. Hopefully they don't use MAC addresses outside of their legitimate manufacturer IDs

The adoption of measures protecting privacy depends on user demand. Online commerce has been considered safe enough for years yet exchanging an email or having any online activity is completely unprotected. I was always surprised by lack of interest from users. Maybe the younger users, if they are not yet addicted to making all their life public on facebook et al would put some pressure for simple technical solutions that guarantee a basic level of privacy. Obviously, I don't expect complete protection agai

Stores and malls that want to track you still have options - perhaps the most obvious one is to offer free wifi to their customers. Which is probably a win-win situation, although most users probably won't realise that part of the price of the "free" wifi is that they get tracked until they tell their device to forget the network again. There might be some subtle biases introduced into the data captured by this method if some kinds of customer are more likely to accept the offer of free wifi than others,

The randomized MAC addresses might not be all that random. Apple might be able to reverse engineer the fake mac address to find the true mac address. That algorithm might be licensed to "business partners" for a fee. Apple is just interested in preventing third parties from tracking you without paying the due share to Apple.

Apple probably uses a logic to generate the random mac address depending on time of day, etc. Unfortunately, while advertisers may not be able to track the owner of the phone that easy anymore, I'm sure the law enforcement has a copy of the logic to reverse engineer to find the owner of the phone. Having said that though, I'm sure the law enforcement has other tools at their disposal to track one down.
I think the better solution is to use TASKER to disable automatically when leaving the home/workplace a

Don't say that like it is a bad thing. I *want* my devices to have predictable identities because that is how the home router knows what IP address to hand out. Same thing at work. Also understand that a repeatable MAC only links sessions locally: your MAC address is not advertised to the internet.

Now, what would be nice would be an option to only use the assigned MAC when associating to selected networks. E.g., home, work, a friend's, etc., but by default use a randomly generated MAC. The hotels I've been

that's just it people don't turn off wifi but companies like nordstrom run monitoring software. so whenever you enter their store they know how long you were there, what parts of the store you visited, and how often you come visit. I am surprised more companies aren't doing this as it is a quick way to track customers.

What apple has done is made this method of tracking useless. instead they will be forced to use ibeacon type technology which uses bluetooth. It also provide more accurate tracking as blu

Your device is constantly beaconing to the entire world around it, what networks it knows - and it will often quite happily connect to annyone claiming to be that home network, enabling for all sorts of fun snooping attacks.

Go lookup creepyDOL network and the presentation for same from Def Con.

Your device has to beacon continuously if you have ANY hidden networks otherwise it won't find them. At least not until it takes GPS location into account to determine if it should be broadcasting to hidden SSIDs.

In other words, any device has a hidden network in its list is always looking. Not to mention that mobile clients DO probe in order to find known networks more quickly than waiting for the WAP beacon.

Why keep Wifi on? It never seems to work well for me. When I did try to use it the data connection would constantly sever and sometimes cause whatever app I'm using to get angry. Furthermore at my house my Wifi is much slower than my mobile connection. Even though I have a data cap (Verizon) I never exceed the cap without Wifi. I also save some battery by keeping it off.

Wish I had mod points for the above.

I disable my WiFi until I'm somewhere I want to use it. The only people that can track me are my cell provider and those people within range of a WiFi network I want to connect to.

Ahrem.. and anyone listening for your cell signal or any other electronic device you have, that will happily ping away its presence. Good for you for turning off WiFi, but trust me, it's not the only thing bad guys and good guys will be listening for. NFC, RFID, BT - if its broadcasting, someone will be trying to pick it up.

(Yes, it is indeed close to impossible to listen in on your conversation, but the fact that your phone is communicating with a tower means there is a signal that can be fingerprinted to

Oops. The quality of poster on Slashdot is going down. Read the article. The real mac address is used once you attempt to join a network. Its only whilst the device is looking for networks that the randomised MAC is used. It won't impact DHCP leases etc.